SDN or SD-WAN and MPLS Networks: Will the Internet Be Your Next WAN?

To hear the press tell it, the MPLS network is all but dead. The Internet is the future of wide area networks (WANs) in what’s been called a software-defined WAN (SD-WAN), also referred to as SDN. The reality, though, is a bit more complex, to say the least. After almost a decade building MPLS- and Internet VPN-based WANs, I can tell you that both technologies have strengths that you can use to your advantage. We’ll start looking at those issues here.


Anyone who’s bought MPLS network bandwidth for business and Internet DSL for their home has gone through the surreal experience of paying twice, three times, even ten times more for the same amount of bandwidth with MPLS. There’s no question that MPLS services are more expensive than your home DSL service (and we’ll explain why later), but just how much more is a matter of some disagreement. Telegeography suggested earlier in the year that Internet bandwidth prices can be as much as 90 percent lower than those of MPLS (see figure). A large part of that depends on the class of service (COS) being implemented by the MPLS service, whether fiber already exists at the location, and other factors. Practically, I’ve found that in the field, MPLS services are more expensive, but with a difference probably closer to thirty percent, once you factor in discounts and service provider offerings often not considered in such surveys. Regardless, the difference is significant, but the savings with the Internet come at a price.

IP VPN and Local Access Costs

MPLS Performance

Although both MPLS network and Internet providers will quote connections of comparable bandwidth, significant differences remain.
• As a managed service, MPLS ports bring lower latency and packet loss, and better uptime than Internet connections. (We’ll discuss security in a later post.)
• The routing policies of an MPLS service will be designed for maximum performance.
• The over-subscription ratio in the access layer will be lower with an MPLS service than with an Internet service, so there is much less contention for backbone bandwidth.
• With MPLS services, for example, only 0.1% of packets typically need to be retransmitted due to packet loss. Latency will also be substantially lower, as the provider runs its own routing (or has negotiated premium network-to-network interfaces (NNIs) with other MPLS providers).
• All performance characteristics will be backed with service level agreements (SLAs).

Internet VPN Performance

With the Internet VPN, there are no SLAs and no management and control. However, Internet backbone performance has significantly improved over the years, in part driven by the shift to fiber and more undersea cables. Internet backbone performance can show packet loss rates comparable to those of an MPLS network. However, spikes in loss are common, particularly when looking at packet flows traversing backbones or factoring in local loop performance. In those cases, packet loss rates can be much higher than with MPLS, with periods of 1 percent (ten times greater than with MPLS) being common. With paths from the USA to Asia, periods of 5% packet loss are typical.

Latency will also vary and on average will be higher with an Internet VPN than with MPLS services. This is particularly true with international routes. Internet routing is aligned to the service provider’s business requirements, which may not necessarily align with customer requirements. Traffic may be dumped on another provider’s network for business reasons when the optimal path would be to remain on the backbone. The reverse is also true. There may be times that packets would be better served traversing another provider’s backbone, but peering restrictions make that improbable or impossible.


MPLS services come with SLAs governing time to deliver the service, downtime, time to repair and more. Such SLAs are often end-to-end, governing the entire network. As such, MPLS uptime is typically much higher, on the order of 99.99% per year depending on the service. When fiber and redundant connections are used those numbers are even higher.

Business-class Internet services may or may not be backed by some SLAs, depending on the provider. Complete Internet blackouts are rare within the service provider’s network because of the density of interconnections. However, access layer outages are not unusual, as any customer will tell you, and the same is true of brownouts. Complete failures of an Internet connection may not happen all the time, but intermittent slowdowns are common. Routes will be available, but at significantly reduced performance, as packets may need to be routed around the globe, significantly increasing packet loss and latency while reducing throughput.

Practical Impact

How do those factors play out in your decision to deploy an MPLS network or an Internet VPN? A lot of it depends on the importance of the application and the remote location. We’ll explore those issues and more in our next post.
